With Industrial Internet of Things (IIoT) technology, sensors attached to physical assets gather data, store it, and employ analytics and machine learning to derive business intelligence and take appropriate action. In a perfect world, this chain of events occurs seamlessly, with no hiccups between asset and business decision, and with no security risk.
That’s in a perfect world.
The IIoT is bringing about huge disruption in the industrial sector. On one hand, this disruption can be a good thing, a sign of growth and evolution; however, there is a potential downside and even danger with all this change. The 2020 State of Operational Technology and Cybersecurity Report from Fortinet provides some unsettling numbers:
- High risk – Ninety percent of organizations have experienced at least one operational technology (OT) system intrusion in the past year — up 19 percent from 2019; 65 percent of organizations have experienced three or more intrusions — up 18 percent from 2019
- Noncompliance – Forty-four percent of organizations don’t track and report compliance with industry regulations or with security standards
This situation can be seen as an inevitable outcome, as more sensors and devices invariably mean an expanded attack surface. But an already difficult situation becomes more difficult when decision-makers attempt to put out each little fire that breaks out.
“With all these new connections, and inevitable points of weakness, the risk is definitely there,” said Interware Systems Managing Partner Ed Fung. “Unfortunately leaders may opt to cover each new exposure as soon as it appears. It’s a well-meaning approach but it results in higher infrastructure complexity. As visibility is a foundation stone of strong security — the ability to see everything — then this approach seems unhelpful, and in the long run dangerous.”
Seeing is security
Breaches can bring reduced productivity, theft of intellectual property, and loss of brand trust and revenue. Many find that avoiding as many breaches as possible begins with an acknowledgement of the critical importance of system visibility, and of the tie between impaired or even partial visibility and security risk.
“The importance of ‘system sight’ really cannot be overstated,” said Fung. “Industrials are being hit with malware attacks left and right, and that’s terrible, but the root of the problem is that so many of these organizations don’t have true centralized visibility on the security of their environments. That’s like going into battle partially blind.”
Complexity is the true enemy of IIoT-era industrials. The average company employs 75 individual security solutions, many of which might address only one or two vulnerabilities or compliance requirements. While this number might be lower in OT environments, the employment of multiple, and often many, point security solutions in OT is a real problem.
“A lot of OT professionals will admit to employing fragmented point security solutions,” said Fung. “And you have still others who will tell you they hold to no OT security architectural strategy at all. This is not just complexity — this is complexity plus a lack of conviction as to what needs to be done to tighten things up.”
With multiple disparate products in use, threat intelligence is not shared across the entire infrastructure. This means long response times to security events, which increases the likelihood that operations will be compromised and disrupted.
Security without compromise
Industrial organizations want to reduce their risk. They want to ensure the operational integrity of their systems. In order to do that, they must do a deep dive on their existing security architecture. It can be dirty work, but the potential payback is enormous: improved compliance management, increased operational uptime, lighter workflow burdens, the remedying of access management issues, and clear system visibility and top-tier protection across the entire system.